A few weeks ago we published an article in which I mentioned two types of software that are almost certain to elicit a lively discussion: browsers and antivirus. We covered browsers in that article – Which Is the Best Browser – and now I’m going to discuss antivirus software.
Antivirus: A Little History
The name “antivirus” came about many years ago when the predominant threat was in the form of viruses. In the main, viruses are specifically designed to cause damage; they are more destructive than invasive. Of course, the threat landscape has evolved enormously since then, with new and more invasive types of malware coming into play.
Malware is a portmanteau of the two words “malicious software” and encompasses all types of threats, including viruses, rootkits, trojans, keyloggers, ransomware, etc. Even though modern antivirus software protects against a wide range of threats, antivirus vendors have chosen to retain that old moniker when, in reality, they should be called antimalware.
In the early days, antivirus software relied largely on a database of definitions to protect against threats. This system is effective against known threats but not so much against zero-day threats (new threats). Fortunately, antivirus developers have since incorporated a very much improved heuristics (rules-based) component into their software which identifies malware based on specific behavioral traits and provides highly effective protection against zero-day threats.
With a combination of definition database and heuristics components, modern-day antivirus software provides an extremely effective defense against a wide variety of threats. So much so that cybercriminals have turned more and more to alternative methods, such as phishing email, as a more cost-effective method of scamming users out of their hard-earned money.
What Is The Best Protection
I’ve said this many times over but it bears repeating… the best protection is between the user’s ears. In other words, the savvy user who knows where and where not to click will always be safer than an inexperienced user who is what I call a “compulsive clicker”.
It’s a fact that 99.9% of all malware cannot be delivered without some sort of interaction from the user. I won’t go into all the usual rules here but, for a complete explanation, please read an earlier article: 10 Golden Rules To Defeat Scammers. One thing antivirus software cannot do is protect users from themselves.
Free vs Premium Antivirus
Test results from the professional AV-Test lab prove conclusively that the gap between free and premium antivirus software has closed to a point where they are pretty much on par. Even Microsoft Defender (formerly known as Windows Defender), which was once regarded as a joke, now ranks right up there with premium antivirus solutions. In fact, premium antivirus vendors are currently including various security-related components – such as a VPN and/or password managers – in an attempt to outdo their free competitors and woo users back into the fold.
Personally, I have never paid for antivirus software and, in all the years I’ve been working with Windows, I recall only one infection way back in the early XP days and have not experienced a single infection since. This serves to emphasize that users can vastly increase their safety from threats by knowing and following the golden rules.
Which Is The Best Antivirus
As is the case with browsers, the best antivirus is whichever does the best job for you, the user. While I neither use nor need a premium antivirus solution, I will never criticize those who do; that is their choice. Similarly, while I believe that a savvy user could get away without any antivirus software at all, it’s not something I would ever recommend or put into practice myself.
Most experienced users have already made up their minds as to which is the best antivirus for them, but if I were to recommend an antivirus solution for the inexperienced user it would be either Microsoft Defender or Panda Free. The reason is that neither requires any configuration or specialist knowledge on the part of the user, with both quietly doing their job in the background, and neither requires any sort of renewal or re-registration.
In the case of Microsoft Defender, definition updates are delivered via the normal Windows Update mechanism, and in the case of Panda Free, the definition database is maintained in the cloud, meaning the database is always up-to-date even when the user hasn’t started the PC for an extended period of time (= immediate full protection).
Your turn – which antivirus software do you use and why?
—
I’ve used many of these in the past (McAfee, Kaspersky, Norton, Avast, AVG, Vipre, Bitwarden, and Panda), but for years, I have just been using Microsoft Defender/Windows Defender. It works just as well as the other premium versions I was paying for. I found the premiums bloated. I also prefer getting the best (for me) of the extra components that the premiums are trying to compete on. For example, I pay for Bitwarden Premium for my password manager.
Years ago, I bought Malwarebytes Antimalware Premium; it was $10 or $15 for lifetime. They don’t offer the lifetime option anymore, but they still honor this license, so I have that on my PC, too. But I’m not sure if it is necessary with Windows Defender.
One more thing I do is run my Windows machine in a local user account, only logging in to the admin account when absolutely necessary. Therefore, it is difficult to get any malware loaded onto my machine to begin with.
JD
“Bloated” is a good word to describe premium antivirus software JD. Many years ago I bought a new machine with a Norton trial included. Back in those days I was working with a Pentium 3 CPU and 512 MB RAM which could not handle Norton at all. I quickly uninstalled that resource hog and replaced it with something a lot lighter on resources, can’t remember what now.
Over the past 20 plus years, I tried out many antivirus programs and experienced growing pains with all of them. When I stumbled upon Kaspersky Internet Suite, I discovered the many added features of this product extremely useful. Yes, it might be looked at as bloated, but I enjoy features and use almost all that KIS offers. One feature I use often is when doing online banking. KIS automatically opens a private browser for added protection.
Having several computers, I use one to visit sites which might be considered risky. My protection has not let me down, blocking the connection when a risk is found. Not sure if other programs (or should I say suites) would be able to offer the same protection. So we all have our favourites and defend them vigorously, Mindblower!
Agree with this comment... it is a great program so far.
On newer systems, like the one we tested on, however, the system impact is not noticeable in most cases.
In the past, the application was well-known for being a system resource hog (old news) that didn’t play well with Microsoft Windows and that wasn’t always accurate. However, times have changed.
Microsoft Defender is short on features and can’t quite match the market leaders for protection, but it’s easy to use, and does a decent mid-range job of keeping you safe.
For example, one group of tests involves using trusted Windows apps to download malicious files, a common scripting trick. Norton realized there was a problem purely from the behavior and killed the process before it could download the file. Microsoft Defender accepted the behavior, allowed the download, and only raised the alarm when it realized the file was malicious.
Not only is Norton antivirus safe, but it also has a long history of perfect (or near-perfect) virus detection results. Even during the most recent independent AV-test testing period (April 2022), it managed to score a maximum of 6 points in protection, performance, and usability.
In other words, Norton’s security suite caught 100% of zero-day malware, detected no false positives, and had less impact on computer speed than many other antivirus programs. This makes their malware protection untouchable.
Putting things into perspective; in the latest AV-Test results, 14 antivirus products scored a perfect 6 out of 6 in all three categories, including Microsoft Defender.
“and had less impact on computer speed than many other antivirus programs”
Not so. As I already mentioned, a total of 14 antivirus programs scored a perfect 6 out of 6 for performance. In fact, if you drill down to the more granular results, Norton scores at the lower end of the 14 for performance.
Researchers at AV-Test Institute look at antivirus products from three different angles. Naturally, they rate the product’s essential ability to protect against malware attacks. But they also rate each product’s effect on system performance, and they examine how successfully it avoids naming valid programs or websites as malicious (false positives). Products can earn 6 points for each of these criteria, for a maximum of 18 possible points. In the latest test reported by this lab, over two thirds of the products reach a perfect 18 points, Norton among them.
18 Points. HMMM
Which is correct? Yours? Just asking…
I said: “14 antivirus products scored a perfect 6 out of 6 in all three categories”
6 perfect scores times 3 equals 18. Or at least it did when I went to school.
I am well aware of AV-Test’s procedures and scoring system. More aware than you are, apparently. As I said, you need to dig down to the more granular results to gain a fuller picture.
https://www.av-test.org/en/antivirus/home-windows/
I’ve been using Eset for quite a few years and I’m active on their forum. Always has a really good false positive record compared to others. The only downside is that there are some features such as advanced stuff missing and it seems the reason is because they are worried general non-technical users will enable them. I do like the fact they don’t bloat it with stuff like start up manager and so on. Many AVs seem to have started to add too much so they are a system utility program too.
Kaspersky has some great features like the ability to restore files encrypted. There’s some criteria for it so it doesn’t always work but having that option is good in case it does. Sadly the whole Russian thing puts many people off including myself.
I do agree that protection starts at home. I’ve seen many people complain that they downloaded something illegally e.g. a crack and the instructions said to disable the AV so they did and got infected and then had the cheek to blame the AV. It is true that most infections require user input. I believe people presume they will be protected but nothing is ever 100 percent.
I will add that I don’t agree with anyone who says they don’t need an AV. The CCleaner incident proved this. Hackers can and have in the past, infected genuine well known programs, websites etc. so there is always a risk and it’s always good to be safe.
Also be wary of test results – it’s easy to sway a result in favour of a particular company and some of the test sites e.g. the unknown ones seem fishy. There’s many YouTube testers that are similar. I’ve seen some that disable certain features and don’t show the full setup and generally most people aren’t going to download 100s of malware at the same time.
Use what’s best for you and some common sense. I’ve seen users who keep moving depending on test results but if you’ve never been infected then it’s obviously working for you.
I bought my lifetime subs to PC Matic before the free products caught up.
It is pricey but it does what it says on the box.
Being Welsh the ‘American Made’ style of advertising does annoy but it is a pretty good product and apart from sensible precautions I have just let it get on with doing whatever it does for years.
My only interactions have been its overcautious blocking of Facebook and a few other legitimate sites recently, plus loading it on new computers.
A lot better than the hassles I had with Kaspersky, Norton and Panda (and others) previously.
I like things to just work….
Amen, Jonathan. Having used “all the above” in years past, my lifetime protection from PC Matic has been perfect for several years without any complications.
I think Malwarebytes can run simultaneously with Windows Defender, but Panda Free cannot. Do I have that right?
If so, what makes MB so special?
Hey Daniel,
No mate, you do not have that right. As far as I am aware, you cannot run Malwarebytes Premium with Windows Defender (now known as Microsoft Defender) at the same time. You can certainly run Malwarebytes Free alongside Microsoft Defender because the free version does not include any real time protection. However, not much point in running any AV with real time protection disabled, sort of defeats the purpose. That’s why Malwarebytes Free version is often referred to as a second opinion scanner.
Rule of thumb: running two AVs with real time protection enabled is not advisable as it will certainly cause conflicts. It’s the main reason Microsoft Defender is automatically disabled whenever a third-party AV is installed.
Jim,
You can run Malwarebytes Premium with Windows Defender (I do). They run fine together. You want to do 1 thing though. You need to turn off “always register Malwarebytes in the Windows Security Center” on Settings in MBP.
In fact, Malwarebytes Premium will run fine alongside most antivirus. They recommend adding a few items in exclusion lists. Here’s their article: https://support.malwarebytes.com/hc/en-us/articles/360038522974. Note, I don’t have these set, and it runs fine.
Malwarebytes Premium has 4 realtime protection engines (Malware, Ransomware, Exploit & Web). I don’t like Web, so I just run the other 3.
There are a few security software that don’t run well with MBP though. Here is an article by them: https://support.malwarebytes.com/hc/en-us/articles/360051090194-Issues-running-other-security-applications-and-Malwarebytes-for-Windows
It seems the issues are with the Web Protection engine (which I don’t run anyhow) and their solution is just to turn that engine off.
JD
Yes, I already posted a further comment to include that info JD. Thanks for confirming it works okay.
Must admit though, I remain a tad dubious for users who do not possess your sort of expertise. I also think it would be a good idea to set exclusions in both AVs, just in case. 🙂
I don’t know. Having a second opinion scanner can be a good idea as no AV will ever be perfect.
I haven’t used Malwarebytes in a few years even though I still have a lifetime license. My dad is bad with computers and has infected his in the past and I remember trying many things and only Malwarebytes found the culprit. Back then at least it seemed to find specialist stuff that others didn’t.
I think you might have misunderstood my meaning Peter. I wasn’t saying there’s not much point in having an AV without any real time protection, quite the opposite. What I meant was that it’s not much use having MBAM Free running in the background without any real time protection enabled. Just use it on-demand as a second opinion scanner.
Daniel, an update re running MBAM.
Richard saw our comments and has located an article which states that, with a settings change, MBAM Premium can run simultaneously alongside another AV, including Microsoft Defender, without issues.
Here is a link to that article: How To Run Malwarebytes Alongside Another Antivirus
PLEASE NOTE: Because I do not have MBAM Premium installed I am unable to confirm that the method described in the article works 100% without issues.
I will add that Malwarebytes seems to claim this but many AVs are against it. This could be partially marketing but there’s the risk that if 2 AVs try to do the same thing they may end up conflicting. I’ve seen some people say it like this – the 2 AVs argue at the door and in the process something actually slips through.
I tend to agree Peter. However, JD has confirmed, from firsthand experience, that MBAM Premium does not cause issues running alongside another AV. Provided the recommended setting is changed, of course.
I still believe it would be good practice to add each AV into the other’s exclusions though.
Jim,
Understood, and thanks for the follow-up.
Dan